From 5962125e7b87b271662ad356751bc57583fa3b08 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 30 Jun 2020 16:14:34 +0200 Subject: apps/jitsi/meet: migrate to new standalone pod role --- roles/apps/jitsi/meet/tasks/main.yml | 17 ++- roles/apps/jitsi/meet/templates/pod-spec.yml.j2 | 185 +++++++++++++++++++++++ roles/apps/jitsi/meet/templates/pod.yml.j2 | 190 ------------------------ 3 files changed, 197 insertions(+), 195 deletions(-) create mode 100644 roles/apps/jitsi/meet/templates/pod-spec.yml.j2 delete mode 100644 roles/apps/jitsi/meet/templates/pod.yml.j2 (limited to 'roles/apps/jitsi/meet') diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index 66644f8f..f5bcbd21 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -17,11 +17,18 @@ dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" mode: 0755 -- name: generate pod manifests - template: - src: "pod.yml.j2" - dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml" - mode: 0600 +- name: install pod manifest + vars: + kubernetes_standalone_pod: + name: "jitsi-meet-{{ jitsi_meet_inst_name }}" + spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" + mode: 0600 + config_hash_items: + - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" + properties: + - checksum + include_role: + name: kubernetes/standalone/pod ## TODO: https://github.com/jitsi/jitsi-meet/blob/master/doc/turn.md diff --git a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 new file mode 100644 index 00000000..7461658f --- /dev/null +++ b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 @@ -0,0 +1,185 @@ +initContainers: +- name: prepare-config + image: busybox + workingDir: /config + command: + - sh + - -c + - mkdir -p jicofo prosody web jvb + volumeMounts: + - name: config + mountPath: /config +containers: +- name: jicofo + image: "jitsi/jicofo:{{ jitsi_meet_version }}" + resources: + requests: + memory: "1Gi" + limits: + memory: "4Gi" + volumeMounts: + - name: config + subPath: jicofo + mountPath: /config + env: + - name: XMPP_SERVER + value: 127.0.0.1 + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + + - name: JICOFO_COMPONENT_SECRET + value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" + + - name: JVB_BREWERY_MUC + value: jvbbrewery + + - name: TZ + value: {{ jitsi_meet_timezone }} + +- name: prosody + image: "jitsi/prosody:{{ jitsi_meet_version }}" + resources: + requests: + memory: "128Mi" + limits: + memory: "512Mi" + volumeMounts: + - name: scripts + subPath: prosody/cont-init.sh + mountPath: /etc/cont-init.d/99-k8s + - name: config + subPath: prosody + mountPath: /config + env: + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + + - name: JICOFO_COMPONENT_SECRET + value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" + + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD + value: "{{ jitsi_meet_secrets.jvb_auth_password }}" + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + + - name: TZ + value: {{ jitsi_meet_timezone }} + +- name: web + image: "jitsi/web:{{ jitsi_meet_version }}" + resources: + requests: + memory: "256Mi" + limits: + memory: "1Gi" + ports: + - protocol: TCP + containerPort: 80 + hostPort: {{ jitsi_meet_http_port }} + hostIP: 127.0.0.1 + volumeMounts: + - name: config + subPath: web + mountPath: /config + env: + - name: DISABLE_HTTPS + value: "1" + - name: ENABLE_HTTP_REDIRECT + value: "0" + + - name: XMPP_SERVER + value: 127.0.0.1 + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: XMPP_BOSH_URL_BASE + value: http://127.0.0.1:5280 + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + + - name: JICOFO_AUTH_USER + value: focus + + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + + - name: TZ + value: {{ jitsi_meet_timezone }} + +- name: jvb + image: "jitsi/jvb:{{ jitsi_meet_version }}" + resources: + requests: + memory: "1Gi" + limits: + memory: "4Gi" + ports: + - protocol: UDP + containerPort: {{ jitsi_meet_jvb_port }} + hostPort: {{ jitsi_meet_jvb_port }} + hostIP: "{{ external_ip | default(ansible_default_ipv4.address) }}" + volumeMounts: + - name: config + subPath: jvb + mountPath: /config + env: + - name: XMPP_SERVER + value: 127.0.0.1 + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" + + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD + value: "{{ jitsi_meet_secrets.jvb_auth_password }}" + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: JVB_PORT + value: "{{ jitsi_meet_jvb_port }}" + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: DOCKER_HOST_ADDRESS + value: "{{ external_ip | default(ansible_default_ipv4.address) }}" + + - name: TZ + value: {{ jitsi_meet_timezone }} + +volumes: +- name: scripts + hostPath: + path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts" +- name: config + emptyDir: + medium: Memory diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 deleted file mode 100644 index 1504211a..00000000 --- a/roles/apps/jitsi/meet/templates/pod.yml.j2 +++ /dev/null @@ -1,190 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "jitsi-meet-{{ jitsi_meet_inst_name }}" -spec: - initContainers: - - name: prepare-config - image: busybox - workingDir: /config - command: - - sh - - -c - - mkdir -p jicofo prosody web jvb - volumeMounts: - - name: config - mountPath: /config - containers: - - name: jicofo - image: "jitsi/jicofo:{{ jitsi_meet_version }}" - resources: - requests: - memory: "1Gi" - limits: - memory: "4Gi" - volumeMounts: - - name: config - subPath: jicofo - mountPath: /config - env: - - name: XMPP_SERVER - value: 127.0.0.1 - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - - name: JICOFO_COMPONENT_SECRET - value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" - - name: JICOFO_AUTH_USER - value: focus - - name: JICOFO_AUTH_PASSWORD - value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - - - name: JVB_BREWERY_MUC - value: jvbbrewery - - - name: TZ - value: {{ jitsi_meet_timezone }} - - - name: prosody - image: "jitsi/prosody:{{ jitsi_meet_version }}" - resources: - requests: - memory: "128Mi" - limits: - memory: "512Mi" - volumeMounts: - - name: scripts - subPath: prosody/cont-init.sh - mountPath: /etc/cont-init.d/99-k8s - - name: config - subPath: prosody - mountPath: /config - env: - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_MUC_DOMAIN - value: muc.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - - name: JICOFO_COMPONENT_SECRET - value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" - - name: JICOFO_AUTH_USER - value: focus - - name: JICOFO_AUTH_PASSWORD - value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - - - name: JVB_AUTH_USER - value: jvb - - name: JVB_AUTH_PASSWORD - value: "{{ jitsi_meet_secrets.jvb_auth_password }}" - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - - name: TZ - value: {{ jitsi_meet_timezone }} - - - name: web - image: "jitsi/web:{{ jitsi_meet_version }}" - resources: - requests: - memory: "256Mi" - limits: - memory: "1Gi" - ports: - - protocol: TCP - containerPort: 80 - hostPort: {{ jitsi_meet_http_port }} - hostIP: 127.0.0.1 - volumeMounts: - - name: config - subPath: web - mountPath: /config - env: - - name: DISABLE_HTTPS - value: "1" - - name: ENABLE_HTTP_REDIRECT - value: "0" - - - name: XMPP_SERVER - value: 127.0.0.1 - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - name: XMPP_BOSH_URL_BASE - value: http://127.0.0.1:5280 - - name: XMPP_MUC_DOMAIN - value: muc.meet.jitsi - - - name: JICOFO_AUTH_USER - value: focus - - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - - name: TZ - value: {{ jitsi_meet_timezone }} - - - name: jvb - image: "jitsi/jvb:{{ jitsi_meet_version }}" - resources: - requests: - memory: "1Gi" - limits: - memory: "4Gi" - ports: - - protocol: UDP - containerPort: {{ jitsi_meet_jvb_port }} - hostPort: {{ jitsi_meet_jvb_port }} - hostIP: "{{ external_ip | default(ansible_default_ipv4.address) }}" - volumeMounts: - - name: config - subPath: jvb - mountPath: /config - env: - - name: XMPP_SERVER - value: 127.0.0.1 - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - - name: JICOFO_AUTH_USER - value: focus - - name: JICOFO_AUTH_PASSWORD - value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - - - name: JVB_AUTH_USER - value: jvb - - name: JVB_AUTH_PASSWORD - value: "{{ jitsi_meet_secrets.jvb_auth_password }}" - - name: JVB_BREWERY_MUC - value: jvbbrewery - - name: JVB_PORT - value: "{{ jitsi_meet_jvb_port }}" - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - name: DOCKER_HOST_ADDRESS - value: "{{ external_ip | default(ansible_default_ipv4.address) }}" - - - name: TZ - value: {{ jitsi_meet_timezone }} - - volumes: - - name: scripts - hostPath: - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts" - - name: config - emptyDir: - medium: Memory -- cgit v1.2.3